CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/29 11:25 a.m.•0 views

SUSE-SU-2026:21418-1 Security update for firewalld

This update for firewalld fixes the following issues: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903...

5.5CVSS5.8AI score0.00031EPSS

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1856 firewalld security update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and...

5.5CVSS5.7AI score0.00031EPSS

OSV•added 2026/03/27 6:16 a.m.•2 views

DEBIAN-CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5CVSS5.2AI score0.00031EPSS

NVD•added 2026/03/27 6:16 a.m.•1 views

CVE-2026-4948

5.5CVSS0.00031EPSS

Debian CVE•added 2026/03/27 5:30 a.m.•2 views

CVE-2026-4948

5.5CVSS5.2AI score0.00031EPSS

Exploits0

Cvelist•added 2026/03/27 5:30 a.m.•27 views

CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

5.5CVSS0.00031EPSS

ATTACKERKB•added 2026/03/27 5:30 a.m.•0 views

CVE-2026-4948

5.5CVSS5.7AI score0.00031EPSS

AlpineLinux•added 2026/03/27 5:30 a.m.•2 views

CVE-2026-4948

5.5CVSS5.2AI score0.00031EPSS

Positive Technologies•added 2026/03/27 12:0 a.m.•1 views

PT-2026-28678

Name of the Vulnerable Software and Affected Versions firewalld affected versions not specified Description A flaw exists in firewalld that allows a local unprivileged user to modify the runtime firewall state without proper authentication. This is possible due to mis-authorization of two runtime...

5.5CVSS5.9AI score0.00031EPSS

Exploits0References22

CNVD•added 2025/09/11 12:0 a.m.•2 views

Adobe Experience Manager misauthorization vulnerability (CNVD-2025-21153)

Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. A misauthorization vulnerability exists in Adobe Experience...

6.5CVSS6.6AI score0.0008EPSS

CNNVD•added 2025/09/09 12:0 a.m.•1 views

Adobe Experience Manager 安全漏洞

6.5CVSS6.8AI score0.0008EPSS

CNNVD•added 2025/06/10 12:0 a.m.•2 views

Dell Wyse Management Suite WMS 安全漏洞

Wyse Management Suite WMS is a combined cloud and local management platform from Dell. A misauthorization vulnerability exists in Wyse Management Suite WMS, which can be exploited by an attacker to cause unauthorized access...

6.8CVSS6.5AI score0.00179EPSS

CNNVD•added 2024/10/10 12:0 a.m.•1 views

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A misauthorization vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

4.3CVSS6.6AI score0.00068EPSS

CNNVD•added 2024/08/29 12:0 a.m.•1 views

WordPress plugin Droip 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.3CVSS6.5AI score0.00253EPSS

CNNVD•added 2024/04/17 12:0 a.m.•3 views

WordPress Plugin Data Tables Generator by Supsystic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5CVSS6.8AI score0.00145EPSS

CNNVD•added 2023/10/11 12:0 a.m.•2 views

Juniper Networks Junos OS Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that stems from a misauthorization vulnerability in CP packet...

6.8AI score